aa/attester: IBM Secure Execution driver fix comments

Signed-off-by: Qi Feng Huo <huoqif@cn.ibm.com>
confidential-containers · Jun 7, 2024 · c6dc4fd · c6dc4fd
1 parent e0af5a2
commit c6dc4fd
Showing 1 changed file with 19 additions and 9 deletions.
diff --git a/attestation-agent/attester/src/se/mod.rs b/attestation-agent/attester/src/se/mod.rs
@@ -28,6 +28,7 @@ pub struct UserData {
     image_btph: Vec<u8>,
 }
 
+#[repr(C)]
 #[serde_as]
 #[derive(Debug, Serialize, Deserialize)]
 pub struct SeAttestationRequest {
@@ -43,8 +44,9 @@ pub struct SeAttestationRequest {
     image_hdr_tags: BootHdrTags,
 }
 
+#[repr(C)]
 #[serde_as]
-#[derive(Clone, Debug, Serialize, Deserialize)]
+#[derive(Debug, Serialize, Deserialize)]
 pub struct SeAttestationResponse {
     #[serde_as(as = "Base64")]
     measurement: Vec<u8>,
@@ -69,21 +71,29 @@ pub struct SeAttester {}
 impl Attester for SeAttester {
     async fn get_evidence(&self, req: Vec<u8>) -> Result<String> {
         // req is serialized SeAttestationRequest String bytes
-        // TODO, calculate optional userdata based on the boot partition etc.
+        // TODO, optionally calculate image boot partition hash (btph).
         let image_btph = "optional check";
         let userdata = UserData {
             image_btph: image_btph.into(),
         };
 
         debug!("userdata json: {userdata:#?}");
         // req is serialized SeAttestationRequest String bytes
-        let request: SeAttestationRequest = serde_json::from_slice(req)?;
+        let request: SeAttestationRequest = serde_json::from_slice(&req)?;
+        let SeAttestationRequest {
+            request_blob,
+            measurement_size,
+            additional_size,
+            encr_measurement_key,
+            encr_request_nonce,
+            image_hdr_tags,
+        } = request;
         let user_data = serde_json::to_vec(&userdata)?;
         let mut uvc: AttestationCmd = AttestationCmd::new_request(
-            request.request_blob.clone().into(),
+            request_blob.into(),
             Some(user_data.to_vec()),
-            request.measurement_size,
-            request.additional_size,
+            measurement_size,
+            additional_size,
         )?;
         let uv = UvDevice::open()?;
         uv.send_cmd(&mut uvc)?;
@@ -96,9 +106,9 @@ impl Attester for SeAttester {
             additional_data,
             user_data,
             cuid: *cuid,
-            encr_measurement_key: request.encr_measurement_key,
-            encr_request_nonce: request.encr_request_nonce,
-            image_hdr_tags: request.image_hdr_tags,
+            encr_measurement_key,
+            encr_request_nonce,
+            image_hdr_tags,
         };
 
         debug!("response json: {response:#?}");